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BIOS protection device 

Cross-Reference to Related Applications 

The present application claims priority from Provisional Patent Application 
No 2003905097 filed on 18 September 2003, the contents of which is incorporated 
herein by reference. 

5 

Introduction 

The present invention relates generally to security in relation to software in 
gaming machines and in particular the invention provides a method of verifying a BIOS 
Rom prior to startup of a machine. 

10 

Background of the Invention 

US Patent No US 5,643,086 describes a method of securing a gaming machine 
such that unapproved software on the mass storage will not be executed. The BIOS 
chip responsible for booting the system checks the cryptographic digital signature of 

15 software it loads from the hard disk (or other device) and only if it is valid will the 
software be executed. It is possible to tamper with this system by modifying the 
software in the BIOS to eliminate the digital signature checking. This modification 
could be detected if the gaming machine is examined in detail, though this is not 
suggested in the prior art document.. 

20 Gaming regulations typically require that BIOS chips be socketed, so that 

regulators are able to easily verify the contents of the memory and detect such illegal 
tampering. However this does make it very easy to illegally modify the BIOS. 

The use of custom hardware can protect against such BIOS modifications, but 
prevents the use of indiistry standard hardware, such as PC's. A smartcard for example 

25 is easily able to implement secure program memory. 

The Microsoft X-BOX Game console is based on standard PC technology, with 
some modifications. One of the security mechanisms is to boot the CPU from a small 
ROM embedded in the customised graphics controller, which is then responsible for 
authenticating the remaining BIOS software. The BIOS then goes on to provide 

30 security for the rest of the loading process. It is not feasible to tamper with the code in 
the custom graphics chip, and hence in theory provides a high level of secxirity, 
however it is very difficult and expensive to customise such a significant part of the PC 
architecture. 
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US Patent No 4,862,156 to Atari for a "Video Computer System" (a home game 
console) describes a security system in which digital signature authentication is 
performed on console games. If the check fails, part of the functionality of the console 
is disabled. Only if authentication passes is full functionality enabled. 
5 US Patent No 6,071,190 describes a method of improving the security off a 

gaming machine, and verifying the stored program therein. The security depends 
security of the BIOS. 

US Patent application No 20030064771 "Reconfigurable Gaming Machine" 
describes a gaming machine in which secvuity again is dependant on the BIOS. 
10 US Patent No 5,802,592 "System and Method for Protecting Integrity of Alterable 
ROM using Digital Signature" describes a system into which the BIOS is partitioned 
into alterable and unalterable parts. The CPU first executes the unalterable BIOS, 
which authenticates the alterable part. This system protects against tampered software 
in the alterable BIOS, but not against modifications to the unalterable BIOS (for 
1 5 example if it is physically replaced). 

US Patent No 5,844,986 "Secure BIOS" describes a system in which BIOS 
updates are cryptographically controlled, such that only authentic updates caii be 
written to the BIOS memory. 

US Patent No 6,488,581 describes device for protecting a mass storage device 
20 (eg disk drive) against modification by filtering out unauthorised commands to the 
device. 

US Government standard FIPS 140-1 "Security requirements for Cryptographic 
modules" describes, in section "4.11.1 Power-Up Tests" software/firmware tests in 
which software/firmware residing in a cryptographic module is cryptographically 

25 authenticated at power up. The same technique is used in gaming machines (e.g. US 
Patent No 5,643,086), but is more secure due the physical security of the cryptographic 
module - i-e, it is not physically possibly to tamper with the boot program. 

Each of these prior art arrangements either relies on the BIOS being secure or 
uses a non-standard hardware configuration that is incompatible with a standard PC 

30 hardware configuration. 

US Patent No 6,401,208 "Method for BIOS authentication prior to BIOS 
execution" by Intel Corp., describes a method of BIOS protection that results in a 
similar outcome to the arrangement of the present invention, however the method of 
achieving that result is quite different and more complex than that now proposed. The 

35 Intel proposal relies on a special modified mother board chip set and a processor which 
employs an op-code emulation bit to allow a data fetch to be disguised as an instruction 
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fetch. This approach may not be accessible by smaller dedicated application 
developers, or at least, not at a reasonable cost. 

The Trusted Computing Platforai Alliance (TCP A) is a group of companies in 
the computing industry promoting new hardware/software extensions to the PC to 
5 enable more secure computing and digital rights management (DRM). TCPA enables 
an external computer to detemiine the exact software configuration of a PC. It is not 
required that the PC must boot particular software, only that the software that it does 
boot can be determined externally. While ideal for network connected DRM, as it lets 
a content provider permit downloads only to suitably configured machines, it is not 

10 sufficient for a gaming machine which should never be permitted to execute non- 
approved software, and is often not even connected to a network. Further flie security 
of TCPA rests in part on the security of the BIOS against tampering, and this is not 
secure in the current PC standard. Securing the BIOS firom tampering would require 
more extensive changes to the PC architecture standard. CTrusted Computing 

1 5 Platforms TCPA Technology In Context", ISBN 0-13-009220-7). 

Throughout this specification the word "comprise", or variations such as 
"comprises" or "comprising", will be understood to imply the inclusion of a stated 
element, integer or step, or group of elements, integers or steps, but not the exclusion of 
any other element, integer or step, or group of elements, integers or steps. 

20 Any discussion of documents, acts, materials, devices, articles or the like which 

has been included in the present specification is solely for the purpose of providing a 
context for the present invention. It is not to be taken as an admission that any or all of 
these matters form part of the prior art base or were common general knowledge in the 
field relevant to the present invention as it existed before the priority date of each claim 

2S of this application. 

Summary of the invention 

According to a first aspect, the present invention provides a processing system 
comprising a central processor, a BIOS memory device and a BIOS protection device 
30 interconnected by address and data paths, wherein at start-up, the BIOS protection 
device takes control of the memory address and data paths and prevents execution of a 
boot program stored in the BIOS memory device imtil the BIOS protection device has 
verified that the boot program stored in the BIOS memory device is authentic. 

According to a second aspect, the present invention provides a method of 
35 authenticating a boot program held in a BIOS memory device of a processing system 
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comprising a central processor, the BIOS memory device and a BIOS protection device 
interconnected by address and data paths, the method comprising the steps of: 

1) at start-up, the BIOS protection device temporarily prevents execution of 
the boot program by the central processor; 
5 2) the BIOS protection device takes control of the address and data paths; 

3) the BIOS protection device interrogates the contents of the BIOS memory 
device to establish if the contents are authenticated; 

4) if the contents of the BIOS memory device are not authentic, the BIOS 
protection device continues to prevent execution of the boot program and prevents 

1 0 further operation of the central processor; and 

5) if the contents of the BIOS memory device are authentic, the BIOS 
protection device relinquishes control of the address and datapaths and allows the 
central processor to execute the boot program in the BIOS memory device. 

According to a third aspect, the present invention provides a BIOS protection 

15 device for connection to a processing system between a central processor and a BIOS 
memory device containing a boot program, the BIOS protection device including 
address and data path interface connection means, and an authentication processor 
whereby, when power is applied to the BIOS protection device, the BIOS protection 
device takes control of address and data path(s) to which it is connected and the 

20 authentication processor interrogates the BIOS memory device connected to the 
address and data path(s) to determine if the boot program contained in the BIOS 
memory device is authentic, and only if the boot program is determined to be authentic 
does the BIOS protection device release control of the address and data path(s) to 
permit the central processor to execute the boot program. 

25 In various embodiments of the invention, different address and data path 

interfaces may be used including serial interfaces, totally non-multiplexed buses, the 
Intel™ Low Pin Count (LPC) bus structure and various intermediate solutions, 
depending on other components used on the motherboard. The motherboard may use 
standard PC architecture or may be a non-PC configuration. 

30 Preferably, the BIOS device includes a cryptographic digital signature located at 

a known location in the BIOS memory device and the BIOS protection device 
calculates the value of the signature (from the BIOS data and internal public key) and 
interrogates the BIOS to verify that the correct signature is present and corresponds 
with the boot program (or, a part thereof) stored in the BIOS device. 

35 In one embodiment, the BIOS protection device also contains an internal 

memory device and while authenticating the BIOS contents, the BIOS protection 
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device copies part of the BIOS memory device contents to the internal memory device 
and subsequently controls the address and data path(s) to bypass the BIOS device 
when the central processor attempts to access the copied part of the BIOS memory 
device contents, 

5 Preferably at least one signal line of the motherboard is interrupted by the BIOS 

protection device such that the motherboard is inoperative if the BIOS protection 
device is not present. In one preferred embodiment of the invention, the reset control 
circuit is provided in the BIOS protection device such that the board cannot exit the 
reset state if the BIOS protection device is not present. 

10 Preferably also, the BIOS protection device will hold the reset.signal in the reset 

(or, disabled) state while the authentication of the BIOS is performed. When the 
authentication is successful, the BIOS protection device releases the reset signal 
allowing the central processor to commence operation. In an alternative embodiment, 
the BIOS protection device inserts wait cycles to disable the central processor while 

1 5 authenticating the BIOS memory device. 

Brief Description of the Drawings 

Embodiments of the invention will now be described, by way of example, with 
reference to the accompanying drawings in which: 
20 FIG. 1 is a block diagram of a standard PC without BIOS protection; 

FIG. 2 is a block diagram of PC with BIOS protection according to an 
embodiment of the present invention; 

FIG. 3 is a block diagram of a BIOS protection device according to an 
embodiment of the present invention in 'Standard PC; 
25 FIG. 4 is a block diagram of a protection device used in standard PC 

embodiments of the invention with an LPC BIOS device; 

FIG. 5 is a block diagram of a protection device used in standard PC 
embodiments of the invention with an EPROM BIOS device; 

FIG. 6 is a block diagram of a BIOS protection device according to an 
30 embodiment of the present invention in a non-PC platform; 

FIG. 7 is a block diagram of a protection device for EPROM used in non-PC 
embodiments of the present invention; 

FIG. 8 is a block Diagram of an EPROM BIOS protection device with full 
protected storage according to an embodiment of the present invention; 
35 FIG. 9 is a block Diagram of an EPROM BIOS protection device with partial 

protected storage according to an embodiment of the present invention; and 



wo 2005/026951 



PCT/AU2004/001267 



6 

FIG. 10 is a block diagram of a BIOS protection device according to an 
embodiment of the present invention in a non-PC platform with a non-multiplexed 
address / data bus. 

5 Detailed Description of the Preferred Embodiments 

It is unlikely that BIOS security of the type required by gaming applications and 
other sensitive applications will be built into the PC standard in the near future, because 
there is no real need for it in most applications. Hence the only way to get this level of 
security is to customise the PC standard, and the embodiments of the present invention 

1 0 described below achieve this in a relatively inexpensive manner. 

A PC is not designed for security and security against BIOS modification has 
not b.een a concern for the mainstream PC market. Prior to this invention the only way 
to incorporate this level security was by directly incorporating it into the chips which 
make up the PC, as was done with the Microsoft X-BOX. It is not feasible for a niche 

15 industry user to influence the PC industry to incorporate BIOS security into the PC 
standard, or to go to the expense of modify existing PC standard chips. 

Embodiments of the invention are described below with reference to gaming 
machines, however embodiments may also be useful in other fields where a higher 
level of security is required, while using standard commercial designs. An example 

20 might be ATM machines vised in the banking industry. It would also be useful in 
implementing TCPA without making significant changes to the PC architecture 
standard. 

Referring to Figs 2 to 10 of the drawings, embodiments of the invention provide 
BIOS protection in a processor by using a device which is transparent to the normal 

25 operation of the rest of the hardware, enabling the use of standard hardware 
components. It can easily be built into an otherwise standard PC motherboard and 
provide a high level of security. 

Fig. 1 shows a standard PC architecture which employs a commonly used 
standard PC motherboard chipset (the Intel 845G chipset), which is comprised of two 

30 chips, the graphics and memory controller hub (GMCH) 12, and I/O controller hub 
(ICH4) 14. The BIOS 18 is interfaced via the ICH4 using the Intel standard low pin 
count (LPC) interface 16. One such BIOS chip is the STMicroelectronics M50FW040. 
In FIG. 1, the processor is a Pentium 4 CPU 1 1 which interfaces to the remainder of the 
system via the GMCH 12. Memory 13 is also connected to the GMCH as is the ICH4, 

35 14. 
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Referring to FIG. 2, in one preferred implementation of the present invention, a 
BIOS protection device 17 is provided in an otherwise standard PC hardware 
configuration (ie the configuration of Fig. 1), the BIOS protection device being an 
integrated circuit inserted between an I/O controller 14 and the BIOS memory device 
5 18. This arrangement is shown in more detail in FIG. 3, in which it can be seen that the 
LPC interface can be used between the ICH4 14, the BIOS protection device 17 and 
BIOS 18. The BIOS protection device 17 appears to the ICH4 14 as if it were a BIOS 
device, and the BIOS protection device 17 appears to the BIOS 18 as if it were an ICH4 
device. 

10 Referring to FIG. 4, the LPC interface 16 employs multiplexed address and data 

lines between the I/O controller hub 14 and the BIOS memory device 18. Address and 
data information on the intemal (PC side) LPC bus 24 passes to the "A" input of an 
LPC multiplexer 22, within the BIOS Protection device 17, and depending on the state 
of the multiplexer 22 passes to the intemal (BIOS side) LPC bus 25. The LPC 

15 Multiplexer 22 is a bi-directional switch which provides a bi-directional cormection for 
multiplexed addresses and data between either of the 'inputs' 'A' & 'B' and the 'output' 
depending on the state of the A/B input which in this case is controlled by the reset line 
23. The 'B input' of the LPC multiplexer 22 is connected to the authenticator 21 by a 
fiirther intemal LPC bus 26. The authenticator 21 contains the reset circuit for the 

20 motherboard and holds the motherboard in a reset state while authentication takes 
place. 

After power on, the protection device enters the verification mode where it 
verifies the contents of the BIOS. While in verification mode the authenticator 21 
within the protection device asserts the reset line 23 to hold the rest of the motherboard 

25 in reset while the BIOS is being interrogated and to provide enhanced security in the 
event that authentication fails. Alternately, to prevent malfunction, instead of using the 
reset function, the protection device can insert wait cycles into external BIOS access 
until authentication is successfully completed. While in reset the multiplexer circuit 22 
routes the address from the authenticator to the output and hence BIOS 18, allowing the 

30 authenticator to read the contents of the BIOS from the LPC bxis 16 / 25. After 
authentication has been successful and reset is negated, the multiplexer routes the 
address from the ICH4 14 to the BIOS 18, allowing the CPU 11 to read the BIOS 18. 
The external circuit used would be similar to that shown in Fig. 3, where the existing 
circuit uses an ICH4 device. 

35 In normal operation, after the BIOS has been successfully authenticated, the 

protection device is transparent to the operation of the standard ICH4 and BIOS 
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devices, and has no effect on the functions of the motherboard. Standard software 
verification techniques can then be used to provide further protection for the 
application software running on the processor. 

To authenticate the BIOS, the BIOS protection device 17 reads the contents of 
5 the BIOS chips 18 and verifies that the contents are valid against a cryptographic 
digital signature embedded in the BIOS at a known location. The public key of the 
signature is stored in the authenticator 21 of the BIOS protection device 17 where it 
cannot be tampered with. If the BIOS is successfully authenticated the BIOS 
protection device moves to it's transparent mode of operation and releases the reset and 
10 enables any extra functionality provided within the protection device. If authentication 
fails the BIOS protection device enters the error mode, where access to the BIOS is 
disabled, the system remains in reset, and any extra functions of the protection chip are 
disabled. 

Therefore even in a physical arrangement where it is easy to access and modify 

1 5 the contents of the BIOS, security is preserved. 

The arrangement described above, allows industry standard designs to be easily 
enhanced to support a much stronger level of security against tampering. A single 
security device can be used to protect multiple different boards, requiring only that the 
board's memory interface be supported. 

20 With the arrangement described above, while it would still be possible to tamper 

with the BIOS by replacing the protection device with a substitute circuit that did not 
have protection, this is much more difficult than simply removing a socketed BIOS 
device as is possible with existing systems. 

The protection device may incorporate further imrelated functions of the board, 

25 such that if it were removed it woxild be difficult to duplicate it's functions. Preferably 
these functions would be necessary to the operation of the board, and are disabled if the 
BIOS verification fails. Hence the protection device cannot be easily replaced by a 
simple circuit without the protection feature as this would require that the extra 
functions must also be duplicated. In a simple example the reset control circuit for the 

30 board is implement in the protection device, and any replacement device would have to 
replicate the reset function for the motherboard to operate. 

To make tampering even more difficult, the protection device should be 
soldered directly to the circuit board, such that it is difficult to remove. Although it is 
possible to remove when it is soldered in, it is relatively time consuming and risks 

35 damage to the board, and is therefore expensive and/or increases the chance of 
detection. 
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Referring to FIG. 5, the protection device may convert from one BIOS hardware 
interface to another. This may be a usefUl function itself, allowing a different memory 
device to be used than the standard one. For example using a PC in gaming application 
it may be preferred to use a PC chipset, such as the Intel 845G with LPC BIOS 
5 interface 16, and EPROM in DIP package for the BIOS chip 18. The EPROM has the 
advantages (in gaming applications) of being physically easier to handle and is unable 
to be reprogrammed in circuit. This also enhances security, as it is a significant 
function that must be replaced if the protection device is to be removed. To achieve 
this, the protection device 17 would include a bus converter 28 which multiplexes/de- 

10 multiplexes the intemal LPC bus 25 to create a separate address bus 27 and data bus 29 
carrying address and data signals to and from the BIOS device 18. 

In another example, a gaming machine such as the Aristocrat Technologies Mk6 
product uses EPROM to store the game. Referring to FIG. 6, the protection device 32 
may be implemented between the CPU and EPROM 33 and to the CPU the protection 

IS device will appear as a direct interface to the EPROM when in transparent mode. 
Further, the Mk6 product uses a Field Progranmiable Gate Array (FPGA) to interface 
the CPU bus and EPROM, and (with minor modifications to the board) the protection 
device can be integrated into the FPGA. This FPGA controls a large proportion of the 
functionality of the motherboard and would be very difficult to replace. 

20 FIG. 3 shows the entire BIOS memory interface passing through the protection 

device. It is also possible to simply tap the protection device onto most of the signals 
provided that the standard memory interface is not driven when in reset (when the 
protection device needs to drive the signals), A reduced pin coimt protection device 
could be cheaper to implement. If none of the signals is interrupted by the protection 

25 device 17 it can simply be removed leaving a functioning but unprotected circuit. 
Therefore, at least one signal should be interrupted by the protection device 17, but in 
some implementations it may be not necessary to interrupt all signals to provide an 
adequate level of security. The circuit of FIG. 6 shows a trade-off where the EPROM 
address and control signals 34, 35 are interrupted between the BIOS interface 37 of the 

30 I/O controller 31 by the protection device 32, but the data signals 36 and the BIOS 
device 33, are not. The reset signal 38 is again preferably generated by the protection 
device 32, This will typically save 8 or 16 pins on the protection device, but is still 
secure. The data lines 36 must still be connected to the protection device 32 to enable 
the BIOS memory 33 to be read and the signature verified. 

35 Referring to the block diagram of FIG. 7, the simple implementation for an 

EPROM based BIOS (with separate address and data lines) of the type used in FIG 6 is 
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illustrated. The protection device consists of an authenticator 41, address multiplexer 
42, and optional extra functionality 43. The authenticator 41 controls the modes of the 
protection device 3 1 and performs cryptographic authentication of the contents of the 
BIOS 33 (of FIG 6). The reset signal 38 is also generated by the authenticator 41. 
5 In gaming applications regulators often require that memory devices are not 

capable of being updated in the gaming product, but many modem systems are capable 
of electronic updating of the BIOS. The protection devices 17, 32 need not affect the 
operation of BIOS firmware update, but if required, firmware updating can easily be 
disabled by arranging the protection devices 17, 41 to not pass updates to the BIOS 18, 
10 33. 

Protected Program Storage 

One possible attack on the security provided by a protection device of the type 
described above, is to provide an external circuit with two BIOS's, an authentic original 

15 and a tampered version. While the protection device 17, 41 authenticates the BIOS 
(and the board is held in reset) the authentic BIOS is enabled into the circuit, and when 
the board is not reset the tampered version is enabled instead. Thus the protection 
device authenticates one device and the CPU executes the other. While such an attack 
would be difficult to perform undetected, it is theoretically possible. 

20 Referring to FIG. 8, an enhanced protection device 51 incorporates an internal 

program storage memory, called the protected program storage 52, into which BIOS 
data is copied as it is authenticated. Once successfully authenticated, all CPU access to 
the authenticated region of BIOS memory accesses the copy in the protected program 
store 52 instead of the BIOS chip 18, 33. Hence swapping an authentic BIOS chip for 

25 another will not affect security. 

The board is held in reset by asserting the RESET signal 38, while the 
authenticator 41 reads the BIOS EPROM 18, 33 by asserting the OE_OUT signal 39 
and reading data via the DATA_IN bus 36, while at the same time writing the read 
EPROM data to the protected program storage memory 52. When the reset signal 38 is 

30 asserted the address multiplexer 42 selects the address 34a from the authenticator 41 to 
be output allowing the authenticator 42 to read the BIOS device 18, 33, while when 
reset signal 38 is negated the multiplexer 42 selects the address 34 from the main CPU 
11, allowing the CPU to read the BIOS 18, 33. Once the authenticator 41 has 
successfully authenticated the BIOS data the RESET signal 38 is negated to enable 

35 noraial operation of the CPU 1 1 . Data out 36b to the CPU 1 1 passes through a tri-state 
buffer 57 which is enabled by the OE_IN signal 56 from the CPU 11, while t he 



wo 2005/026951 



PCT/AU2004/001267 



11 

OE_OUT signal 39 is always generated by the authenticator 41 because all reads to the 
BIOS 18, 33 are initiated via the protection device 51. 

Ideally the entire contents of the BIOS 18, 33 will be authenticated and stored in 
the internal memory 52, however BIOS chip capacity is quite large and may be 
5 expensive to duplicate. To save cost a subset of the BIOS may be authenticated by the 
BIOS protection device 51, and the software in authenticated portion of the BIOS is 
responsible for authenticating the remaining part of the BIOS using cryptographic 
digital signatures when executed by the CPU 11. The authenticated subset is sufficient 
to authenticate and load the remaining BIOS into the computers main memory, from 

1 0 which it then executes. 

Referring to Fig. 9, a protection device is shown in which the protected program 
storage 52 has a smaller memory capacity than the external BIOS device 18, 33. The 
operation of this device is similar to that of Fig 8, with the addition of a CPU address 
comparator (protected access detector) 53 and data multiplexer (MUX) 54. In this 

15 implementation only a portion of the BIOS device 18, 33 is authenticated, and this 
portion is read into the protected program storage 52, as previously described. When 
the CPU attempts to read the BIOS at an address that is within the range that has been 
authenticated, as determined by the protected access detector 53, the data 36a is 
returned to the CPU from the protected program storage 52, as selected by the data 

20 multiplexer 54. When the CPU 1 1 reads the BIOS at an address that is outside the 
range that has been authenticated, as determined by the protected access detector 53, 
the data 36 is returned to the CPU 1 1 from the external BIOS device 18, 33, as selected 
by the data multiplexer 54. Data out 36b to the CPU 1 1 again passes through a tri-state 
buffer 57 which is enabled by the OE IN signal 56 from the CPU 1 1, however in the 

25 case the OE_OUT signal 39 is generated by gating the OE signal 56a from the 
authenticator 41 with the OE_IN signal 56 from the CPU in AND gate 58 such that the 
BIOS 18, 33 is only enabled when allowed by the authenticator 41 (ie when a read of 
non-copied content is required). 

Prior to successfril authentication the data bus to the CPU may be disabled to 

30 make it more difficult to tamper with the circuit. The data bus is not necessarily tri- 
state, since tampering with a driven data pattern is more difficult to tamper with than a 
tri-state bus. 

Fig. 10 shows the changes required to the circuit of FIG. 6 when the protection 
device 51 of Figs. 8 or 9 is used, 
35 It will be appreciated by persons skilled in the art that numerous variations 

and/or modifications may be made to the invention as shown in the specific 
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embodiments without departing from the spirit or scope of the invention as broadly 
described. The present embodiments are, therefore, to be considered in all respects as 
illustrative and not restrictive. 



